You may or may not regularly think about your retirement accounts, depending on your age. Regardless of where you are at in your career, it is essential to think about the security of your account and best practices for managing it from a cybersecurity standpoint.
Cyber actors commonly target the financial sector for obvious reasons–there is money being handled and money to be made. Just as you would when managing bank accounts or logging into online bank portals, the same rules apply for interacting with and managing your retirement accounts. There are many signs that you may be the target of a phishing attempt or ransomware attack. To name a few:
- A text message from a service or account representative that you were not expecting
- Emails from illegitimate email addresses
- Emails with poor grammar or spelling mistakes
- Emails requesting personal information or account numbers via email
- In general, any correspondence from a financial institution that you were not expecting or makes you question its legitimacy.
According to the Employee Benefits Security Administration, you can reduce the risk of fraud and loss to your retirement account by following some fundamental rules.
- Use strong and unique passwords (and always opt into multi-factor authentication!)
- Regularly monitor your account by setting up an online login and visiting the online portal regularly to monitor your accounts.
- Continually update your personal information if it changes within your account portal–this includes name changes, address changes, and phone number changes.
- Never log on to your retirement account portal on unsecure wifi (hint: avoid free wifi and always use known, secure networks)
- Watch for the above signs of attempted phishing or ransomware attacks.
- Use legitimate third-party anti-virus products, such as Sophos Home.
If you are ever the victim of a phishing attack, always contact the institution or company you were infected from. Especially in the case of retirement accounts, it’s crucial the financial institution, and any designated fiduciaries on the account are notified right away.
PK Tech has a long history of supporting businesses that handle sensitive financial information. From CPAs to TPAs and more, we are well-versed in the financial sector’s compliance standards and operational necessities. Get in touch with PK Tech if we can support your business in any way.